Non riesco a visualizzare determinati indirizzi web, non riesco ad aprire tanti tool di rimozione rootkit tipo fixgrom.exe, FixLinkopt.exe , li scarico ma al click sull'eseguibile non succede nulla! Con Sophos la prima volta che l'ho lanciato mi ha risolto il problema, ma al riavvio tutto è tornato alla disperata situazione di prima!
CERCO AIUTO x distruggere questo Figlio di PxxxxxA.
Kiubque volesse farlo posti tt il necessario. Fatemi sapere, oggi pomeriggio lavoro ma torno online stasera dopo le 23:00.
GRAZIE MILLE!!!
report di HijackThis v1.99.1
Logfile of HijackThis v1.99.1
Scan saved at 12.18.27, on 26/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\ATKKBService.exe
D:\Programmi\ProcessGuard\dcsuserprot.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\ZyXEL\ADSL USB Modem\CnxDslTb.exe
D:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmi\Outlook Express\msimn.exe
D:\Programmi\Windows NT\Accessori\WORDPAD.EXE
D:\Programmi\Internet Explorer\iexplore.exe
D:\Documents and Settings\Donny\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [CnxDslTaskBar] "D:\Programmi\ZyXEL\ADSL USB Modem\CnxDslTb.exe"
O4 - HKLM\..\Run: [!1_pgaccount] "D:\Programmi\ProcessGuard\pgaccount.exe"
O4 - HKCU\..\Run: [ASUS SmartDoctor] D:\Programmi\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "D:\Programmi\ProcessGuard\procguard.exe" -minimize
O8 - Extra context menu item: Download Using &BitSpirit - D:\Programmi\BitSpirit\bsurl.htm
O8 - Extra context menu item: Scarica &tutto con Mass Downloader - D:\Programmi\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Scarica con &Mass Downloader - D:\Programmi\Mass Downloader\Add_Url.htm
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Programmi\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Programmi\Mass Downloader\massdown.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2B75478-93EC-4B15-BB79-F6D6821B9430}: NameServer = 213.205.36.70 213.205.32.70
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: DiamondCS ProcessGuard Service v3.400 (DCSPGSRV) - DiamondCS - D:\Programmi\ProcessGuard\dcsuserprot.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe